This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

Claims 

1. (Presently Amended) A system for providing controlled access to an object and other 
associated information file by a plurality of users comprising: means for establishing an 
object, the object comprising distinguishable groups of data, each group of data having 
associated access criteria for access to the groups of data; a database for storing the 
object and associated information, means for establishing access criteria wherein each 
group of data has an associated a user privilege associated with it for identifying 
separate groups of information to which user may have access to the groups of data and 
setting a user's ID including defining which users are allowed to access the object and 
associated information and associated user privileges associated with the object and 
information ; a central processing unit (CPU) for controlling the access to the database 
in accordance with the access criteria; a memory for storing software code for 
controlling the operation of the CPU; a cache memory for storing user ID's; a cache 
memory for storing user access criteria; and access application code stored in the 
memory and executable by the CPU, the application code being responsive to the user 
ID and user access criteria associated with the groups of data contained within an object 
and to predetermined privileges for allowing controlled access to individual groups of 
data contained within the object by an individual user according to the user's access 
privileges, thereby transmitting a redacted object to the user wherein transmitting a 
redacted object includes sending an electronic object to the user that contains the 
groups of information to which the user has access to and that excludes groups of 
information to which the user does not have access. 

2. (Presently Amended) A system according to claim 1, wherein access includes the 
ability of a user to read the contents of the a requested object. 



3. (Presently Amended) A system according to claim 2, wherein access includes the 
ability to modify the contents of the a requested object. 

4. (Presently Amended) A system according to claim 3, wherein the ability to modify 
includes the ability to delete information contained in the a requested object. 

5. (Presently Amended) A system according to claim 3, wherein the ability to modify 
includes the ability to add data to the a requested object. 

6. (Presently Amended) A system according to claim 1 wherein the access is 
determined by a business relationship to produce products and defined by the host 
according to the need of information in the a product chain. 

7. (Presently Amended) A method of controlling access to objects stored in electronic 
form, comprising: establishing an object including loading information into the object 
into separate groups having separate privilege access criteria; storing the object, the 
object comprising distinguishable groups of data, establishing access criteria wherein 
each group of data having an associated user privilege including identifying separate 
groups of information to which the user may have access criteria for access to the 
groups of data; setting a user's ID including defining which users are allowed to access 
the object and associated information and user privileges; controlling the access to the 
database using a central processing unit (CPU) according to the access criteria; storing 
software code for controlling the operation of the CPU in memory; verifying a user's 
user privilege access criteria including extracting the user's user identification from the 
an object request, verifying the user's user identification first in cache memory and if 
not in cache then in main memory the user's user identification and identifying the 
groups of data to which the user has access and privileges with respect thereto thereby 
allowing controlled access to individual groups of data contained within the object by 
an individual user according to the user's privileges in response to the access criteria 
associated with the groups of data contained within an object and to predetermined 
privileges upon verification of user ID and user privileges, searching first in cache and 



if not found in memory then in main memory and retrieving the data requested 
according to the user's access criteria and transmitting a redacted object to the user 
wherein transmitting a redacted object includes sending an electronic object to the user 
that contains the groups of information to which the user has access to and that 
excludes groups of information to which the user does not have access. 

8-12 (Canceled) 

13. (Presently Amended) A computer program product for use with a computer system, 
a central processing unit and means coupled to the central processing unit for storing a 
database to automatically manage objects for viewing and marking an object having 
varying formats without the use of any originating application of a file to view the 
object, comprising: computer readable code means for establishing an object in a 
storage location including loading information into the object into separate groups 
having separate privilege access criteria; storing the object, the object comprising 
distinguishable groups of data,; computer readable code means for identifying a user to 
have access to the object; computer readable code means for establishing privilege 
access criteria that define the scope of access of the object for the user whereby each 
group of data has an associated user privilege that define the scope of access of the 
object for the user [[[;]]] including identifying separate groups of information to which 
the user may have access criteria for access to the groups of data; setting a user's ID 
including defining which users are allowed to access the object and associated 
information and user privileges;; computer readable code means for receiving an object 
request by a user; computer readable code means for verifying the user's user privilege 
access criteria including extracting the user's user identification from the object request, 
verifying the user's user identification first in cache memory and if not in cache then in 
main memory the user's user identification and identifying the groups of data to which 
the user has access and privileges with respect thereto thereby allowing controlled 
access to individual groups of data contained within the object by an individual user 
according to the user's privileges in response to the access criteria associated with the 
groups of data contained within an object and to predetermined privileges upon 



verification of user ID and user privileges, searching first in cache and if not found in 
memory then in main memory and retrieving the data requested according to the user's 
access criteria; and computer readable code means for transmitting a redacted document 
according to the user's user privilege access criteria including sending an electronic 
object to the user that contains the groups of information to which the user has access to 
and that excludes groups of information to which the user does not have access. 

14. (Presently Amended) A computer program device, comprising: a computer program 
storage device readable by a digital processing apparatus; a program stored on the 
program storage device and including instructions executable by the digital processing 
apparatus for controlling the apparatus to perform a method of managing documents for 
viewing and marking an object having varying formats without the use of any 
originating application of a file to view the object stored in the file, comprising: 
establishing an object in a storage location including loading information into the object 
into separate groups having separate privilege access criteria; storing the object, the 
object comprising distinguishable groups of data ; identifying a user to have access to 
the object; establishing privilege access criteria that define the scope of access of the 
object for the user; receiving an object request by a user; verifying the user's ser 
privilege access criteria including extracting the user's user identification from the 
object request, verifying the user's user identification first in cache memory and if not 
in cache then in main memory the user's user identification and identifying the groups 
of data to which the user has access and privileges with respect thereto thereby 
allowing controlled access to individual groups of data contained within the object by 
an individual user according to the user's privileges in response to the access criteria 
associated with the groups of data contained within an object and to predetermined 
privileges upon verification of user ED and user privileges, searching first in cache and 
if not found in memory then in main memory and retrieving the data requested 
according to the user's access criteria; and transmitting a redacted object according to 
the user's user privilege access criteria including sending an electronic object to the 
user that contains the groups of information to which the user has access to and that 
excludes groups of information to which the user does not have access. 



15. (Presently Amended) In a computer server having a data base for storing data 
pertaining to product information, a method of securely transferring data between a 
source and an access destination comprising: establishing an object in a storage location 
including loading information into the object into separate groups having separate 
privilege access criteria; storing the object, the object comprising distinguishable 
groups of data, identifying a user to have access to the object; establishing privilege 
access criteria wherein each group of data. has an associated user privilege that define 
the scope of access of the object for the user [[[;]]] including identifying separate 
groups of information to which the user may have access criteria for access to the 
groups of data; setting a user's ID including defining which users are allowed to access 
the object and associated information and user privileges; receiving [[[a]]] an object 
request by a user; verifying the user's user privilege access criteria including extracting 
the user's user identification from the object request, verifying the user's user 
identification first in cache memory and if not in cache then in main memory the user's 
user id e ntification and identifying the groups of data to which the user has access and 
privileges with respect thereto thereby allowing controlled access to individual groups 
of data contained within the object by an individual user according to the user's 
privileges in response to the access criteria associated with the groups of data contained 
within an object and to predetermined privileges upon verification of user ID and user 
privileges, searching first in cache and if not found in memory then in main memory 
and retrieving the data requested according to the user's access criteria; and transmitting 
a redacted object according to the user's user privilege access criteria including sending 
an electronic object to the user that contains the groups of information to which the user 
has access to and that excludes groups of information to which the user does not have 
access. 

16. (Previously Added) The system of claim 1 further including means for sending an 
electronic object to the user that contains the groups of information to which the user 
has access to and that excludes groups of information to which the user does not have 
access. 



